Version 5.14 of Pi-hole Core it came out. Also be Pi Hole Web 5.17 and Pi Hole FTL 5.19 hatched. Pi-hole is an advertising-aware dns and web server intended to run on a Raspberry Pi in the network. If Pi-hole is referenced on the router for dns handling, all devices on the network will automatically use it without any settings needing to be changed. Then ads are no longer fetched, which makes pages load faster. Potentially, it can also keep malware out. For more information, we refer you to the explanations and videos on this pageor this manual from tweaker jpgview. The release notes for this release can be found below.
We update the embedded dnsmasq to the next tagged version of dnsmasq. Highlights compared to the most recent version of dnsmasq (v2.87) released in FTL v5.18 are:
- Allow domain names as well is IP addresses in server options – this will be especially helpful in situations where upstream destinations are primarily reachable by hostname (think of DHCP networks and docker compose, etc.) (Pi-hole patch)
- use-stale-cache – when set, if a DNS name exists in the cache, but its time-to-live has expired, dnsmasq will return the data anyway and attempts itself to refresh the data with an upstream query after returning the stale data . This can improve speed as we can always reply immediately to known queries, even when cached content has expired, instead of having to wait for upstream replies to arrive. However, in certain edge-cases, these out-of-data replies can lead to (intermittent) incorrect behavior on websites as there is no way to inform a downstream client that an answer we provided before was wrong. The client may cache wrong data for a long time until it re-sends a query to get the updated information.
It comes at the expense of sometimes returning out-of-date replies and less efficient cache utilization, since old data cannot be flushed when its TTL expires. The cache becomes strictly least-recently-used.
- New fast-dns-retry option – gives dnsmasq the ability to originate retries for upstream DNS queries itself, rather than relying on the downstream client. This is most useful when doing DNSSEC over unreliable upstream network. Retries are generated when no reply was received for 1 second. Retries are repeated with exponential backoff until we give up after 10 seconds. Both values are configurable with millisecond accuracy.
- New port-limit=<#ports> option – by default, when sending a query via random ports to multiple upstream servers or retrying a query dnsmasq will use a single random port for all the tries/retries.
- New no-round-robin option – suppresses round-robin ordering of DNS records and ensures answers are always served in the same order.
- Enhance hostsdir to remove outdated entries on changes. Before, this required a full dnsmasq restart (Pi-hole patch)
- Improve hostsdir logging to log the HOSTS file used for generating a local reply (Pi-hole patch)
This release also includes a number of smaller improvements and bug fixes in all components.
|Version number||5.14.1 / Web 5.17 / FTL 5.19.1|
|Operating systems||Script language|